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Abstract 

Both  SAT  and  ^SAT  can  represent  difficult  problems  in  seemingly  dissimilar  areas  such 
as  planning,  verification,  and  probabilistic  inference.  Here,  we  examine  an  expressive  new 
language,  #3SAT,  that  generalizes  both  of  these  languages.  #3SAT  problems  require 
counting  the  number  of  satisfiable  formulas  in  a  concisely-describable  set  of  existentially 
quantified,  propositional  formulas.  We  characterize  the  expressiveness  and  worst-case 
difficulty  of  #3SAT  by  proving  it  is  complete  for  the  complexity  class  and  re¬ 

lating  this  class  to  more  familiar  complexity  classes.  We  also  experiment  with  three  new 
general-purpose  #3SAT  solvers  on  a  battery  of  problem  distributions  including  a  simple 
logistics  domain.  Our  experiments  show  that,  despite  the  formidable  worst-case  complex¬ 
ity  of  many  of  the  instances  can  be  solved  efficiently  by  noticing  and  exploiting 

a  particular  type  of  frequent  structure. 
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1  Introduction 


7^3SAT  is  similar  to  SAT  and  t^SAT — determining  if  a  propositional  boolean  formula  has 
a  satisfying  assignment,  or  counting  such  assignments.  SAT  may  be  written  as  3x  0(x), 
and  t^SAT  may  be  written  as  Sx  0(x),  where  x  is  a  vector  of  finitely  many  boolean 
variables  and  0(x)  is  a  propositional  formula.  7^3SAT  allows  a  more  general  way  of 
quantifying  than  SAT  or  ^^SAT.  Specifically,  a  #3SAT  problem  is  Sx3y  0(x,  y),  which 
corresponds  to  counting  the  number  of  choices  for  x  such  that  there  exists  a  y  satisfying 
0(x,  y). 

The  change  of  quantification  is  significant.  Rather  than  being  a  decision  problem  like 
SAT  (‘is  there  a  satisfying  assignment?’)  the  solution  of  an  7)^3SAT  is  an  integer  found  by 
summing  over  a  subset  of  the  variables.  This  richer  type  of  quantification  generalizes  both 
SAT  and  the  pure  counting  problem  #SAT,  capturing  a  larger  class  of  problems. 

The  integer  answer  to  a  7)^3SAT  instance  has  a  natural  interpretation:  the  number  of 
formulas  that  are  SAT  from  a  concisely-described  but  exponentially  large  set  of  formulas. 
Each  full  assignment  to  the  S-variables  ‘selects’  a  particular,  entirely  3-quantified,  residual 
formula — i.e.,  3y  ^(x,  y)  for  some  x — from  the  set.  If  a  concise  quantifier-free  represen¬ 
tation  of  3y  (;/)(x,  y)  could  be  found  efficiently,  ^3SAT  would  reduce  to  t^^SAT.  In  most 
instances,  however,  the  existential  quantification  is  required  for  concise  representation. 

7)^3SAT  captures  a  simple  type  of  probabilistic  interaction  useful  for  testing  the  robust¬ 
ness  of  a  policy  under  uncertainty.  As  an  example,  imagine  a  delivery  company  pondering 
whether  to  purchase  more  vehicles  to  improve  quality-of-service  (QoS).  They  wonder  if, 
under  some  world  model,  the  probability  of  timely  delivery  could  be  significantly  im¬ 
proved  with  more  vehicles.  We  answer  this  question  by  counting^  how  many  random 
scenarios  {e.g.,  truck  breakdowns  and  road  closures)  permit  delivery  plans  (sequences  of 
vehicle  movements,  pickups,  and  dropoffs)  that  meet  QoS  constraints  (every  package  is 
delivered  to  its  destination  by  some  predetermined  time)  for  both  the  current  fleet  and  the 
augmented  one. 

This  logistics  problem  can  be  pseudo-formalized  as 

Sb,  c,  r3p  QoS(b,  c,  r,  p),  (1) 

where  the  vector  b  describes  which  vehicles  break  down,  c  lists  road  closures,  r  lists 
delivery  requests,  and  p  defines  the  plan  of  action.  QoS  is  a  formula  that  describes  initial 
positions,  goals,  and  action  feasibility.  After  realizing  all  uncertainty,  we  are  left  with  an 
instance  of  a  famous  AP-complete  problem:  finding  p  is  bounded  deterministic  planning. 

^  Throughout,  for  simplicity,  we  discuss  unweighted  #3SAT,  where  each  scenario  is  equally  likely.  Our 
algorithms  also  work  for  the  weighted  problem;  furthermore,  some  weighted  problems  reduce  to  unweighted 
ones  by  proper  encoding. 


3 


This  logistics  example  suggests  another  interpretation  for  7^3SAT  problems:  they  are 
policy-space  robustness  questions  for  a  type  of  planning  problem.  7^3SAT  problems  en¬ 
code  situations  where  all  uncertainty  is  resolved  on  the  first  time-step,  and  then  the  plan¬ 
ning  agent  tries  to  achieve  their  goal  using  some  restricted  policy  space  with  complete 
observation. 

7^3SAT  is  a  subset  of  general  planning  under  uncertainty  that  requires  that  all  uncer¬ 
tainty  is  revealed  initially.  This  excludes  the  succinct  description  of  any  problem  that 
has  a  more  complicated  interlacing  of  action  and  observation.  For  example,  the  logistics 
problem  does  not  describe  the  random  breakdown  of  trucks  after  they  leave  the  depot. 

However,  #3SAT  is  still  very  expressive — we  characterize  its  complexity  in  §2.  We 
provide  three  exact  solvers  for  7^3SAT  in  §3,  before  testing  implementations  of  these  ap¬ 
proaches  in  §4.1  and  §4.2. 

The  experiments  are  encouraging,  and  show  a  type  of  structure  that  can  be  noticed  and 
exploited  by  solvers.  Our  experiments  and  algorithms  may  be  useful  not  just  for  ^3SAT 
problems,  but  also  for  problems  with  more  complicated  uncertainty.  We  are  hopeful  that 
similar  structure  can  be  discovered  and  exploited  in  these  settings,  and  that  our  solvers  can 
be  used  as  components  or  heuristics  for  more  general  solvers. 

1.1  Related  work. 

SAT  is  the  canonical  AP-complete  problem.  Many  important  problems  like  bounded 
planning  (e.g.,  Kautz  and  Selman  [1999])  and  bounded  model  checking  (e.g.,  Biere  et  al. 
[2003])  can  be  solved  by  encoding  problem  instances  in  a  normal  form — like  conjunctive 
normal  form  (CNF)  or  DNNF  (Darwiche  [2001]) — and  using  an  off-the-shelf  SAT  solver 
such  as  GRASP  [Marques-Silva  and  Sakallah,  1999],  Chaff  [Moskewicz  et  al,  2001], 
zChaff  [Fu  et  al,  2004],  or  MiniSat  [Een  and  Sorensson,  2006].  Current  work  in  sat¬ 
isfaction  modulo  theory  (SMT;  e.g.,  Nieuwenhuis  et  al  [2006])  is  a  continuation  of  this 
successful  program. 

This  method  of  solving  AP-complete  problems  (convert  to  normal  form  and  solve 
with  a  SAT  solver)  succeeds  because  SAT  solvers  can  automatically  notice  and  exploit 
some  kinds  of  structure  that  occur  frequently  in  practice.  Techniques  include  the  venerable 
unit-propagation  rule  [Davis  et  al,  1962],  various  preprocessing  methods  {e.g.,  [Een  and 
Biere,  2005]),  clause  learning  [Marques-Silva  and  Sakallah,  1999],  restarting  [Gomes  et 
al,  1998],  and  many  others.  These  techniques  are  typically  fast — adding  clause  learning 
to  a  SAT  solver  does  not  add  a  lot  of  overhead  to  it — but  has  a  significant  impact  on  the 
empirical  performance  of  SAT  solvers  on  important  distributions  of  problems  instances. 
As  a  result,  modern  SAT  solvers  can  tackle  huge  industrial  problem  instances.  The  quality 
of  modern  SAT  solvers  enables  Scientists  and  engineers  to  treat  them  largely  as  black 
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boxes,  not  delving  too  deeply  into  their  code.  Because  of  this,  improvements  to  SAT 
solvers  have  immediate  and  far-reaching  impact. 

SAT  is  not  fully  general  and  there  are  many  reasons  to  examine  more  expressive  set¬ 
tings.  Many  of  these  settings  amount  to  allowing  a  richer  mixture  of  quantifiers:  there  is  a 
SAT-like  problem  at  each  level  of  the  polynomial  hierarchy,  formed  by  bounded  alterna¬ 
tions  of  V  and  3.  QBF  is  even  more  general,  allowing  an  unbounded  number  of  3  and  V 
alternations;  QBF  is  PS  PACE-complete  [Samulowitz  and  Bacchus,  2006]. 

Bounded  alternation  of  3  and  S  quantifiers  yields  another  hierarchy  of  problems, 
and  our  #3SAT  problem  is  one  of  the  two  problems  at  its  second  level.  Other  mem¬ 
bers  of  this  hierarchy  include  the  pure  counting  problem,  ^^SAT  (the  canonical  ^P- 
complete  problem)  and  Bayesian  inference  (also  #P-complete  [Roth,  1996]),  as  well  as 
the  two-altemation  decision  problem  MAXPLAN  [Majercik  and  Littman,  1998,  2003]  and 
the  unbounded-alternation  PS  PACE-complete  decision  problem  stochastic  SAT  (SSAT; 
Littman  et  al.  [2001]).  Our  counting  problem  is  related  to  a  restriction  of  SSAT. 

MAXPLAN  bears  a  number  of  similarities  to  7)^3SAT.  It  asks  if  a  plan  has  over  a  50% 
probability  of  success,  and  can  be  thought  of  as  asking  an  37^SAT  thresholding  question — 
the  opposite  alternation  to  our  #3SAT.  MAXPLAN  has  a  different  order  of  observation 
that,  in  the  planning  analogy,  means  the  MAXPLAN  agent  commits  to  a  plan  first,  then 
observes  the  outcome  of  this  commitment.  The  7)^3SAT  agent  observes  first,  then  acts. 
MAXPLAN  is  AP^^-complete  (complete  for  the  class  of  problems  that  are  solvable  by  an 
NP  machine  with  access  to  a  PP  oracle),  and  we  compare  its  expressiveness  to  7)^:3SAT  in 
§2. 

While  i^SAT  is  in  PS  PACE  and,  could  in  theory,  be  solved  by  a  QBF  solver  we  are  not 
aware  of  any  empirically  useful  reductions  of  #SAT  to  QBF.  Indeed,  we  are  not  aware  of 
a  reduction  that  does  not  involve  simulating  a  #SAT  solver  with  a  counting  circuit — these 
are  thought  to  be  a  difficult  case  for  QBF  solvers  (e.g.,  Janota  et  al.  [2012]).  We  expect  the 
relation  between  ^3SAT  and  QBF  to  be  similar. 

7)^3SAT  is  also  a  special  case  of  another  general  problem — it  is  a  probabilistic  con¬ 
straint  satisfaction  problem  Fargier  et  al.  [1995]  with  complete  knowledge  and  binary 
variables.  The  restriction  to  ^3SAIT  not  only  allows  us  to  develop  both  novel  algorithms 
but  also  stronger  theoretical  results. 

We  note  that  this  paper  concerns  exact  solvers  rather  than  approximate  solvers  {e.g., 
Wei  and  Selman  [2005]  or  Gomes  et  al.  [2007]).  This  is  for  several  reasons.  First,  we  are 
interested  in  solvers  that  provide  non-trivial  anytime  bounds  on  the  probability  range — so 
we  can  terminate  if  our  bounds  become  sufficiently  tight  or  are  sufficient  to  answering  a 
thresholding  question.  Secondly,  we  believe  that  exact  solvers  will  generalize  better  to 
first-order  settings  such  as  Sanner  and  Kersting  [2010]  or  Zawadzki  et  al.  [201 1]. 
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2  Complexity 

The  previous  section  mentions  a  number  of  other  problems  that  generalize  SAT.  In  this 
section  we  clarify  how  expressive  7^3SAT  is  compared  to  them  with  three  theoretical  state¬ 
ments. 

Our  first  result  is  that  ^^38 AT  is  complete  for  by  itself,  is  the  class 

of  counting  problems  that  can  be  answered  by  a  polynomially-bounded  counting  Turing 
machine.  A  counting  Turing  machine  is  a  nondeterministic  machine  that  counts  paths 
rather  than  testing  if  there  is  a  path.  The  machine’s  polynomial  bound  applies  to  the  length 
of  its  nondeterministic  execution  paths. 

The  superscripted  oracle  notation  used  in  refers  to  a  generalization  of  the 

#P  counting  machine  that  allows  the  machine  to  make  a  single  query  to  an  AP-complete 
oracle  per  path.  This  oracle  seems  weak  at  first  glance — there  is  a  simple  reduction  from 
NP  to  T^P,  so  why  would  a  single  call  to  this  oracle  help?  A  later  result  shows,  however, 
that  this  oracle  call  does  change  the  complexity  class  unless  the  polynomial  hierarchy 
collapses. 

Theorem  1  (Completenes).  #35Ar  is  complete  for 

Proof.  First  we  show  that  our  problem  is  in  Our  oracle-enhanced,  polynomially- 

bounded  counting  Turing  machine  can  solve  this  problem  by  nondeterministically  choos¬ 
ing  the  S-variables,  and  then  asking  the  oracle  whether  the  entirely  3-quantified  residual 
formula  is  SAT  or  not. 

Second,  we  show  that  an  arbitrary  problem  A  G  ^P^^hl  can  be  converted  to  an  in¬ 
stance  of  #3SAT  in  polynomial  time.  This  is  done  through  a  Cook-Levin-like  argument: 
since  there  must  be  some  oracle-enhanced,  polynomially-bounded  counting  Turing  ma¬ 
chine  M  that  counts  A,  and  we  will  simulate  its  running  in  a  #3SAT  formula  f.  We  use 
S-variables  to  correspond  to  the  non-deterministic  branching  decisions  in  the  counting 
Turing  machine,  and  3-variables  to  describe  the  remainder  of  the  counting  machine  and 
all  of  the  oracle  machine. 

For  each  time  step  in  the  simulation  we  encode  the  tape  state  (e.g.  CountTapej^^  is 
true  iff  counting  tape  cell  i  contains  character  c  at  time  t),  the  read/write  head  state  (e.g. 
CountHeadjt  is  true  iff  the  counting  machine  head  is  at  cell  i  at  time  t),  and  the  finite 
automaton  state  (e.g.  CountState^t  is  true  iff  the  counting  automaton  is  in  state  s  at  time 
t).  These  variables  are  summarized  in  Table  1. 

We  use  clauses  to  encode  the  operation  of  the  Turing  machine.  For  example,  the  set  of 
clauses 

Vi,  t,  c,  c'  -iCountTapejg^  V  -iCountTapej^,^ 
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Counting 

Oraele 

Tape 

CountTape^^^ 

OracleTapei^t 

Head 

CountHeadjt 

OracleHeadji 

Automaton 

CountState^j 

OracleStatest 

Path 

PathTaken*,^^ 

- 

Table  1 :  Summary  of  variables  required  to  simulate  the  eounting  Turing  maehine  with  ora- 
ele.  The  PathTaken  variables  are  annotated  with  an  asterisk  to  indieate  that  they,  uniquely, 
are  S-variables.  The  rest  are  3-variables. 

ensures  that  no  eell  of  the  eounting  maehine  tape  has  more  than  one  eharaeter  written  to  it 
at  any  time.  See  Cook  [1971]  for  greater  details  on  these  elauses. 

The  eounting  maehine  has  additional  elause  to  deseribe  how  it  writes  to  the  oraele  tape, 
and  has  three  speeial  state  in  its  automaton  ealled  ‘Ask’,  ‘SAT’  and  ‘UNSAT’  that  me¬ 
diate  its  interaetion  with  the  oraele.  The  oraele  is  quieseent  before  the  eounting  automaton 
lands  on  ‘Ask’,  solves  the  problem  on  its  tape,  and  moves  the  eounting  automaton  to  the 
appropriate  answer  state.  The  requirement  that  the  oraele  is  ealled  onee  is  already  eneoded 
in  the  automaton  of  M.  See,  for  example,  Goldreieh  [2008]  for  more  details  on  both  oraele 
and  eounting  Turing  maehines. 

The  main  differenee  between  our  maehine  and  the  standard  oraele  maehine  oeeurs  in 
the ‘’transition  rule’  that  determines  what  transitions  are  possible  in  the  maehine.  For  a 
standard  deeision  Turing  maehine  this  looks  like: 

Vi,  s,  c,  t  (Headjt  A  State,jt  A  Tape^^J  — )■ 

Y  (Head(i+rf)(i+i)  A  State,/(t+i)  A  Tapei^,(t+i))  . 

{s\c'  4)&T{s,c) 

Here,  d  e  {—1, 0, 1}  and  T(s,  c)  is  the  set  of  transitions  (s',  c',  d)  possible  when  the  head 
reads  c  and  the  automaton  is  in  state  s. 

In  addition,  we  modify  the  transition  rule  of  the  eounting  maehine  to  ‘reeord’  the  non- 
deterministie  branehing  deeision  that  it  made  with  a  S-variable: 

Vi,  s,  c,  t  (CountHeadjt  A  CountState^t  A  CountTapej^J  — )■ 

Y  (^CountHead(i+d)(t+i)  A  CountState^/(t+i) 

(5^,C^,d)GT(5,c) 

A  CountTapeic,(i+i)  A  PathTaken(i+d)s'c't))  • 
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From  this  construction,  every  satisfying  path  in  the  counting  Turing  machine  M  corre¬ 
sponds  to  a  unique  set  of  PathTaken  literals  0.  From  this  correspondence,  we  proven  that 
their  counts  are  identical,  as  required. 

The  time  required  to  construct  the  simulation  formula  0  is  bounded  by  a  polynomial 
in  the  size  of  the  original  input  A.  This  can  be  seen  from  the  fact  that  0  combines  two 
Cook-Levine  style  formulae  which  are  polynomial  in  the  size  of  the  original  input,  added 
a  polynomial  number  of  S-variables,  and  adjusted  a  subset  of  the  clauses.  □ 

We  now  turn  to  whether  the  oracle  call  actually  adds  something;  ig  not  merely 

in  disguise. 

Theorem  2.  IfjjSSAT  reduces  to  then  the  polynomial  hierarchy  collapses  to  Sf. 

This  proof  is  based  on  the  fact  that  a  ‘uniquifying’  Turing  machine  Munq — a  machine 
that  can  take  a  propositional  boolean  formula  (p.b.f)  0  and  produce  another  p.b.f.  ifj  that 
has  a  unique  solution  iff  0  has  any  (and  none  otherwise) — cannot  run  in  deterministic 
polynomial  time  unless  the  polynomial  hierarchy  collapses  to  Sf’  (a  corollary  of  Dell  et 
al.  [2012]  and  Karp  and  Lipton  [1982]). 

Proof.  Suppose  7)^3SAT  reduces  to  Then  there  is  a  polynomial  time  Turing  machine 
Mred  that  reduces  any  S3-quantified  p.b.f.  $  =  Sx3y  ^(x,  y)  to  a  p.b.f.  ip  such  that 
counting  solutions  to  ip  answers  our  ^3-counting  question  about  $.  Therefore,  $  must 
have  the  same  number  of  S3-solutions  as  f  has  solutions:  Count#3($)  =  Count^('^). 

We  use  Mred  to  uniquify  any  boolean  formula  p  as  follows.  First,  form  the  7)t3SAT 
formula  =  Sa;3y  [x  A  0(y)].  By  design,  Count#3(<F)  =  1  iff  Count#(0)  >  1. 

Then,  since  we  have  assumed  that  Pp3SAI  reduces  to  #SAT,  we  can  run  $  through 
to  produce  a  p.b.f. Since  Count^3($)  =  Count^('^),'^  is  the  uniquified  version 
of  0.  This  whole  process  runs  in  polynomial  time  if  M^ed  is,  so  M^ed  cannot  exist  unless 
PH  collapses.  □ 

Thus,  the  oracle  call  (probably)  adds  expressiveness  and  our  problem  703SAT  is  (prob¬ 
ably)  more  general  than  t^SAT. 

Finally,  we  combine  some  existing  results  to  show  that  NP^^  contains  PP^P3^  a 
decision  class  closely  related  to  our  counting  class.  Class  PP^^hl  ig  ‘close’  in  the  sense 
that  it  Cook-reduces  to  our  counting  class 

Corollary  1.  PP^^W  c  NP^^ 

Proof.  Follows  from  Toda’s  theorem  [Toda,  1991]  (middle  inclusion):  PP^^hl  c  pp™  c 
pPP  c  NP^^.  □ 
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This  establishes  that  a  closely  related  decision  problem  to  our  ig  contained 

in  NP^^,  the  complexity  class  that  MAXPLAN  is  complete  for.  The  result  suggests  that 
thresholding  questions  for  #3SAT  are  possibly  less  expressive  than  MAXPLAN,  but  also 
easier  in  the  worst  case. 


3  Algorithms 

The  previous  section  establishes  7^3SAT’s  worst-case  difficulty,  but  we  know  from  many 
other  problems  (e.g.,  SAT)  that  the  empirical  behavior  of  solvers  in  practice  can  be  radi¬ 
cally  different  than  the  worst-case  complexity. 

In  the  next  two  sections  we  explore  the  empirical  behavior  of  three  different  solvers  on 
several  distributions  of  ^3SAI  instances.  ^3SAI  generalizes  both  SAT  and  #SAT,  so  the 
first  two  solvers  are  adaptations  of  algorithms  for  those  settings.  The  final  solver  is  a  novel 
DPLL-like  procedure,  and  capitalizes  on  an  observation  specific  to  the  7)^3SAT  setting. 

Our  design  principle  for  these  solvers  is  to  use  a  black  box  DPLL  solver  as  an  inner 
loop.  First,  our  solvers  automatically  get  faster  whenever  there  is  a  better  DPLL  solver. 
Second,  the  inner  loop  of  the  black-box  solver  is  already  highly  optimized,  so  we  can  avoid 
zealously  optimizing  much  of  our  solver  and  focus  on  higher-level  design  questions. 

3.1  mDPLL:  A  SAT  inspired  solver. 

One  intuition  for  ^3SA[T  problems  is  that  instances  with  a  small  number  of  S-variables 
might  be  solvable  by  running  a  SAT  solver  until  it  sweeps  across  every  S-assignment 
(rather  than  returning  after  finding  the  first  satisfying  assignment,  like  we  would  in  SAT). 
We  test  this  intuition  by  generalizing  DPLL. 

Our  first  algorithm,  mDPLL,  searches  over  S-assignments  (consistent  total  or  partial 
assignments  to  the  S-variables),  pruning  whenever  a  S-assignment  can  be  shown  to  be 
SAT  or  UNSAT.  Each  S-assignment  defines  a  subproblem  S  =  (0,  As,  (7s,  U3),  where  0 
is  the  original  formula.  As  C  is  the  S-assignment,  and  (7s  C  Vs  and  U3  C  V3  are 
the  unassigned  S  and  3  variables.  Ls,  '^3,  "^3  are  sets  of  the  S  and  3  variables  and 

literals. 

Our  implementation  is  iterative  (we  maintain  an  explicit  stack),  but  for  clear  exposition 
we  present  mDPLL  as  a  recursive  procedure.  mDPLL  is  a  special  case  of  mDPLL /C  (Alg  1) 
that  skips  lines  4-8.  These  two  cases  are  explained  later  in  the  description  for  mDPLL/C. 
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Algorithm  1 


1 

function  mDPLL/C(S'  =  (0,  As,  Us,  U^)) 

2 

if  UnSatLeaf(S')  then  return  0 

3 

if  SatLeaf(S')  then  return 

4 

if  InCache(S')  then 

5 

return  CachedValue(S) 

6 

if  Shatterable(S')  then 

4=  Skip  for  mDPLL 

7 

(C'(i),...,C'(™))  ^  Shatter(,S) 

8 

return  mDPLL/C(U^*^) 

9 

^  Branch(,S) 

10 

return  mDPLL/C(S'a,)  -f  mDPLL /C(S'^2,) 

mDPLL  first  checks  if  a  subproblem  S  is  either  an  SAT  or  UNSAT  leaf  in  the  Un- 
SatLeaf  and  SatLeaf  functions.  Both  of  these  checks  are  done  with  the  same  black  box 
SAT  solver  call.  S  is  an  UNSAT  leaf  if  0  is  UNSAT  assuming  As  (( AaeA^  a)  A  0  is  UN¬ 
SAT),  and  a  SAT  leaf  if  the  solver  produces  a  model  where  each  clause  in  0  is  satisfied 
by  at  least  one  literal  not  in  Us.  If  S'  is  not  a  leaf  then  the  subproblem  is  split  into  two 
subproblems  and  in  the  Branch  function  by  branching  on  some  S-variable  in  Uy.} 
S-literal  unit  propagation  is  a  special  case  of  branching  where  the  implementation 
has  fast  machinery  to  determine  if  one  of  the  children  is  an  UNSAT  leaf.  3-literal  unit 
propagation  is  handled  by  the  black  box  solver. 

The  following  is  useful  for  proving  mDPLL  is  correct. 

Definition  1  (Total  S-extensions).  For  any  Tj-assignment  a  C  Us  ci  total  T^-assignment 
that  contains  a  is  a  total  T,-extension  of  a.  The  set  of  all  such  extension  is  ExtYicr)  C  Us- 

We  analogously  define  total  S3-extensions  and  ExtYBic). 

Theorem  3.  For  any  jf^SAT formula  Tix3y  (j){x,  y)  with  Y3-count  k,  mDPLL  returns  k. 

Proof  By  induction  on  the  structure  of  the  mDPLL  search.  Consider  S  =  (0,  As,  Us,  Uf): 

•  Unsatisfying  leaf,  by  definition  of  an  UNSAT  leaf  f  is  infeasible  assuming  As,  so 
S  has  no  S 3-assignments. 

•  Satisfying  leaf,  by  definition  of  a  SAT  leaf  every  a  G  ExtY{AY)  has  at  least  one 
r  G  ExtY3{(y)  that  is  satisfying.  |Ua;fs(As)|  =  so  S  has  count 

^We  use  an  activity-based  branching  heuristic  similar  to  VSIDS  [Moskewicz  et  al,  2001]  in  our  imple¬ 
mentation. 
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•  Internal  node,  we  inductively  assume  that  mDPLL  works  correctly  on  the  subprob¬ 
lems  Sx  and  S^x-  By  construction,  the  children’s  S3-total  extension  sets 
{x})  and  ExtY,3{AY,  U  {“•a;})  are  a  partition  of  Therefore  the  child 

counts  can  be  added  together  to  form  a  count  for  S.  □ 

3.2  #SAT  inspired  solvers 

For  problem  instances  with  a  large  number  of  S-variables  we  might  suspect  that  ^^SAT’s 
techniques  are  more  useful  than  SAT’s.  There  are  at  least  two  families  of  exact  7^8 AT 
solvers:  based  on  either  binary  decision  diagrams  (BDDs;  Bryant  [1992])  or  DPLL  with 
component  caching  like  cachet  [Sang  et  al,  2005]. 

3.3  Binary  decision  diagrams 

A  ROBDD  is  a  graph-based  representation  of  a  boolean  function  with  a  number  of  nice 
properties.  ROBDDs  can  exploit  kinds  of  structure  that  CNF  cannot,  and  consequently  can 
be  quite  compact.  As  a  simple  example,  XORing  N  variables  requires  an  exponentially 
large  CNF  formula  or  true  table,  while  an  equivalent  ROBDD  needs  only  2N  +  1  nodes. 

Once  a  problem  has  been  compiled  into  an  ROBDDs,  many  difficult  questions  can  be 
efficient  to  answer.  After  construction,  SAT  is  just  an  0(1)  operation — checking  if  the 
ROBDD  is  the  canonical  UNSAT  ROBDD.  Furthermore,  t^^SAT  counting  is  linear  in  the 
size  of  the  diagram.  This  clearly  suggests  that  building  an  ROBDDs  is,  in  general,  difficult. 
Constructing  ROBDDs  is  very  dependent  on  finding  a  good  variable  ordering,  and  these 
seem  to  be  largely  problem  specific. 

We  can  also  #3SAT  count  quickly,  as  long  as  we  construct  the  ROBDD  using  a  con¬ 
strained  variable  order — we  insist  that  the  S-variables  precedes  any  3-variables.  For  a 
simple  example  of  a  BDD  with  this  variable  ordering,  see  Figure  1. 

Assuming  that  the  variable  order  is  stratified  in  this  fashion,  we  can  7(/:3SAT  by  just 
doing  a  modified  depth-first  search  pass  on  just  the  S-variables  in  the  ROBDD. 


Algorithm  2  Counts  the  number  of  satisfying  S-assignments  using  a  ROBDD. 
1:  function  BDDcount(0,  f/3,  Us) 

2:  ®  ^  BuildBDD(0,U3,Us) 

3:  Count  ^  0 

4;  Paths  =  SPathsFromRootToTrueTerminal(!B) 

5:  for  P  G  Paths  do 

6:  Count  ^  Count  +  2^^A-\p\ 

7;  return  Count 
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Here,  BuildBDD  builds  a  BDD  using  a  variable  ordering  constrained  so  every  S- 
variable  precedes  the  3-variables.  SPathsFromRootToTrueTerminal  is  a  set  of  paths  ex¬ 
tracted  from  the  BDD.  It  is  every  path  from  the  root  to  the  true  terminal  (  1  ) ,  omitting  any 
3-literal.  So  if  two  paths  differ  only  in  their  3-literals,  they  are  purposefully  conflated  in 
SPathsFromRootToTrueTerminal.  For  example,  there  are  four  S-paths  to  true  in  Figure  1: 

(-.Si,S2,-'S3)  , 

(-'Si,-.S2)  , 

(Si,  S3), 

(Si, -S3). 

SPathsFromRootToTrueTerminal  can  be  seen  as  the  set  of  paths  from  the  root  of  the  BDD 
to  any  3-nodes  in  the  BDD  that  have  a  S-parent.  We  also  include  1  in  this  set  if  it  has  a 
S-parent.  This  set  is  called  the  Tj-fringe. 


Terminals 


Figure  1:  A  simple  BDD.  Solid  line  indicates  true  branches,  and  dashed  indicates  false 
branches.  The  dotted  dividing  line  indicates  edges  connecting  to  the  S-fringe. 

The  set  of  SPathsFromRootToTrueTerminal  can  be  calculated  by,  for  example,  depth- 
first  search: 
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Algorithm  3  Finds  the  set  of  paths  from  the  root  of  a  BDD  to  the  S-fringe 


function  SPathsFromRootToTrueTerminal(B) 
Paths  ^  0 

for  Path  G  DepthFirstSearchPaths(B)  do 
e  Path  then 


if  0 


Continue 
P  ^  Copy(Path) 

P'  ■(—  Delete3Nodes(P) 
Paths  ^  Paths  U  P' 
return  Paths 


This  algorithm  is  simple  and  easy  to  reason  about. 

Theorem  4.  For  any  jfBSAT  formula  T,x3y  fix,  y)  with  T3-count  k,  BDDcount  returns 

K. 

Proof.  Every  element  of  P  G  SPathsFromRootToTrueTerminal  differs  from  each  other 
by  at  least  one  S-literal,  so  their  extensions  are  a  partition  of  the  space  of  satisfying  as¬ 
signments.  Every  P  can  be  extended  in  ways  to  form  a  complete  S-assignment. 

The  algorithm  returns  exactly  this  aggregate  count.  □ 

Implementations  of  it  may  be  accelerated  by  figuring  out  the  number  of  S-paths  of 
length  k  from  the  root  to  every  member  of  the  S -fringe  by  using  dynamic  programming 
rather  than  explicitly  forming  each  path  in  SPathsFromRootToTrueTerminal. 

An  alternative  perspective  about  what  this  algorithm  is  doing  is  that  it  is  essentially 
projecting  out  3-nodes — and  any  edges  involving  these  nodes — from  the  BDD.  This  pro¬ 
jection  involves  replacing  edges  from  any  S-node  S  to  any  3-node  E  with  a  direct  edge 
from  S  to  Since  we  are  working  with  a  reduced  BDDs  with  a  stratified  variable  order, 
an  edge  from  S'  to  P  implies  that  there  is  some  path  from  P  to  ^  using  just  3-variables. 
Only  the  S-node  part  of  a  path  matters  for  counting,  so  we  bypass  this  3-path  with  a  direct 
edge  from  S  to  |T]. 

When  there  no  more  edges  from  any  S-node  to  any  3-node,  then  the  3-nodes  are 
totally  disconnected  from  the  root^  and  can  be  deleted.  This  completes  projecting  out  the 
3 -variables. 

The  remaining  BDD  only  has  S-nodes  and  can  be  reduced  if  any  nodes  have  become 
trivial — both  the  true  and  false  branch  go  to  the  same  node.  After  projection  our  problem 
can  be  solved  by  normal  ^SAT  counting  on  the  BDD.  Eigure  2  shows  an  example  of 
projecting  out  the  3-variables  from  Eigure  1. 

^The  root  is  always  a  S-node  unless  the  formula  has  trivial  S-structure. 
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Figure  2:  The  BED  from  Figure  1  after  projecting  out  3-variables  and  eliminating  trivial 
nodes. 

The  solver  was  dramatically  slower  than  any  of  our  other  algorithms  on  every  prob¬ 
lem  instance — the  first  step  of  constructing  the  BDD  with  a  restricted  variable  order  was 
exceptionally  time  consuming.  We  deemed  it  unpromising  and  discontinued  work  on  em¬ 
pirically  evaluating  the  BDD  approach.  This  approach,  however,  may  still  be  useful  if  one 
has  a  particularly  quick  method  of  constructing  BDDs  for  a  particular  application. 

3.3.1  iiiDPLL/ C:  a  #SAT  inspired  solver. 

A  more  promising  approach  was  to  use  component  caching.  Modern  caching  solvers  tend 
to  outperform  BDD  solvers  and  our  exploratory  experiments  with  BDD  solvers  reflected 
this. 

mDPLL/C  (Alg  1)  adds  two  cases  (lines  4-8)  to  mDPLL.  If  S  is  not  a  leaf,  then  In- 
Cache  checks  a  bounded-sized  cache  of  previously  counted  components  for  a  match."^  If 
there  is  a  match  the  Cached  Value  is  returned. 

If  S  is  neither  cached  nor  a  leaf,  then  Shatterable  checks  S  for  components  using 
depth  first  search.  Components  are  subproblems  formed  in  the  Shatter  step  by  partition¬ 
ing  (7s  U  U3  into  disjoint  pairs  U  . . . ,  U  so  that  no  clause  in  0  contains 
literals  from  different  pairs.  Each  component  =  (  0^*^  As,  U^\  )  has  a  formula 

0*^*)  that  is  restricted  to  only  involve  literals  from  U  — the  satisfiability  of  a  compo¬ 
nent  is  relative  to  this  restricted  formula.  Detection  and  shattering  are  expensive — ^profiling 
component  caching  algorithms  reveals  that  solvers  spend  a  large  proportion  of  their  time 
doing  this  work  [Sang  et  al,  2004] — but  can  dramatically  simplify  counting  in  7^8 AT. 

“^Fully  counted  components  are  cached  in  a  hash  table  with  LRU  eviction.  Components  are  represented 
as  C/s  U  1/3  and  the  set  of  active  clauses  (not  already  SAT)  that  involve  these  variables. 
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In  both  mDPLL  and  mDPLL/C  our  implementations  augment  0  with  learned  clauses 
found  by  the  black  box  solver.  Since  we  explicitly  check  S  for  feasibility  in  the  UnSatLeaf 
check  this  is  a  safe  operation  [Sang  et  al,  2004]. 

Theorem  5.  For  any  ^3SAT  formula  T,x3y  with  T3-count  k,  mDPLL/C  returns 

K. 

Proof.  Add  the  following  two  cases  to  the  proof  for  mDPLL: 

•  Cached  component,  by  induction  the  algorithm  was  correct  on  the  original  occur¬ 
rence  of  the  component. 

•  Internal  shattering  node,  by  construction  components  do  not  share  clauses,  so  the 

S3-assignments  made  to  one  component  does  not  effect  whether  the  S3-assignment 
made  to  another  component  satisfies  it.  Thus  every  way  of  choosing  from  each 
component  a  S-assignment  that  is  total  w.r.t.  and  has  a  satisfying 
(w.r.t.  S3-extension  leads  to  a  S-assignment  a  =  u::  for  S  that  has 

a  satisfying  S3-extension  r  =  IJI^i  Consequently  the  count  of  S  is  just  the 
product  of  component  counts.  □ 


Algorithm  4 

1;  function  POP t/s,  C3) 

2:  ((/)',  t/^)  ^  Rewrite(0,  Cs) 

3:  return  P0PSJielper(((/)',  0,  Uf)) 

4:  function  P0PSJielper(5  =  (</>,  As,  Cs,  C3)) 

5;  if  SatSolve(Pess(S'))  then  return 

6;  if  -^5atSolve(Opt(S)}  then  return  0 

7:  X  <—  Branch(5) 

8;  Sx  P-  if,  As  U  {px,  ^Ux},  Cs  \  {px,nx},  U3) 

9:  S^x  ^  if,  As  U  {^Px,nx},  Cs  \  {px,  n^},  U3) 

10:  return  P0PS_helper(5a;)  +  P0PSJielper(S’^2,) 


3.4  POPS:  pessimistic  and  optimistic  pruning  search. 

The  final  algorithm,  POPS,  is  based  on  being  agnostic  about  values  of  S-variables  when¬ 
ever  possible.  If,  during  a  SAT  solve,  we  notice  a  subproblem  can  be  satisfied  with  just 
the  3-variables  then  we  can  declare  the  problem  to  be  a  SAT  leaf.  On  the  other  hand,  if  we 
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notice  that  a  subproblem  cannot  be  satisfied  regardless  of  how  the  S-variables  are  assigned 
we  can  declare  it  to  be  a  UNSAT  leaf. 

This  pruning  is  done  by  SAT-solving  two  modified  formula  per  subproblem  (mDPLL 
and  mDPLL/C  solved  one  formula  per  subproblem).  The  first  is  the  pessimistic  problem, 
which  is  SAT  only  if  every  way  of  extending  with  S-variables  is  SAT.  The  second 
is  the  optimistic  problem,  which  is  UNSAT  only  if  every  way  of  extending  with  S- 
variables  is  SAT.  We  prune  if  the  pessimist  is  SAT,  or  the  optimist  is  UNSAT,  and  branch 
otherwise. 

Both  problems  use  the  same  black  box  solver  instance  by  rewriting  the  original  CNF 
formula.  This  allows  activity  information  and  learned  clauses  to  be  shared,  and  saves 
memory  allocations.  We  rewrite  the  formula  to  essentially  allow  any  S-variable  to  take 
one  of  four  values — true  (T),  false  (F),  unknown  but  optimistic  (O),  or  unknown  but 
pessimistic  (P).  If  a  S-variable  is  O  a  clause  can  be  satisfied  by  either  the  positive  or  the 
negative  literal  of  that  variable;  if  it  is  P,  a  clause  cannot  be  satisfied  by  either  literal.  T 
and  F  behave  as  usual — only  the  appropriate  literal  satisfies  clauses. 

This  four-valued  logic  is  encoded  through  the  literal  splitting  rule.  It  replaces  every 
negative  literal  of  a  S-variable  x  with  a  fresh  3-variable  and  every  positive  literal  with 
a  3-variable  px.  A  S-variable  x  may  be  set  to  any  of  four  values  by  making  different 
assertions  about  Ux  and  px  (see  Table  2  for  the  details). 


X 

0 

T 

F 

P 

Px 

T 

T 

F 

F 

T 

F 

T 

F 

Table  2:  The  four  assignment  values  0,T,F  and  P  and  how  they  correspond  to  the  split 
literals  Ux  and  px 


This  encoding  yields  a  simple  formulation  of  the  optimistic  and  pessimistic  problems: 
for  some  rewritten  problem  S  the  purely  3 -variable  optimistic  problem  is 

Opt{S)  =  (0,  As  U  {m  I  M  e  Us},  0,  U3) 

and  the  pessimistic  problem  is 

Pess{S)  =  (0,  As  U  {-iM  I  u  e  Us},  0,  U3) . 

For  example,  Y^x3y  [x  \/  y]  A  [—x  V  y]  is  rewritten  as  3y,nx,np  [px  V  y]  A  [ux  V  y].  The 

pessimistic  problem  (i.e.,  [px  =  F,  Ux  =  F])  is  SAT  so  we  return  2  at  the  root  without  any 
branching. 
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POPS  initially  Rewrites  the  problem  by  literal  splitting.  A  subproblem  is  pruned  if 
the  overly  constrained  pessimistic  problem  is  SAT  (i.e  SatSolve(Pess(S'));  SatSolve  is  the 
black  box  solver)  or  if  the  relaxed  optimistic  problem  is  UNSAT  (i.e.  -iSatSolve(Opt(S'))). 
Otherwise  POPS  chooses  to  Branch  on  one  of  the  S-variables  x  and  solves  the  child 
subproblems  and  Alg  4). 

The  proof  for  the  correctness  of  POPS  is  very  similar  to  the  proof  for  mDPLL. 

Theorem  6.  For  any  4^3SAT formula  Tix3y  (j){x,  y)  with  T3-count  k,  POPS  returns  k. 

Proof.  Consider  some  subproblem  S  =  (0,  and  its  rewritten  version  S'  = 

{f,  A'j.,  U^,  Uf).  (Our  branching  procedure  allows  us  to  track  the  simple  correspondence 
between  S  and  S' .) 

•  Unsatisfying  leaf  If  the  optimistic  problem  of  S'  is  UNSAT  then,  since  is  a  relax¬ 
ation  of  S,  there  cannot  be  any  satisfying  assignments  for  S. 

•  Satisfying  leaf  If  the  pessimistic  problem  of  S'  is  SAT  then  there  exists  an  3- 
assignment  e  C  C3  such  at  least  one  literal  from  e  U  As  appears  in  every  clause 
of  0.  Therefore,  every  S-assignment  a  G  Extj^{Aj^)  for  S  has  at  least  one  satisfy¬ 
ing  S3-assignment  in  i3a;fs,3(As) — namely:  cr  U  e. 

•  Internal  node  If  S  is  not  a  leaf  then  it  must  have  at  least  one  x  G  Us — otherwise 

the  optimistic  and  pessimistic  problem  for  S'  are  identical  and  S  must  be  a  leaf. 
Branching  on  x  and  -~x  in  S  is  equivalent  to  branching  on  {px,  -'Ux}  and  {-'Px,  Ux} 
in  S'.  As  argued  earlier,  this  partitions  the  space  of  S3-assignments  so  child  counts 
can  be  summed.  □ 


4  Empirical  evaluation 

4.1  Problem  distributions 

We  explore  the  empirical  characteristics  of  the  these  algorithms  by  running  them  on  a 
number  of  instances  drawn  from  four  problem  distributions — job  shop  scheduling,  graph 
3-coloring,  a  logistics  problem,  and  random  37)^3SAT.  The  distributions  touch  a  number  of 
properties:  job  shop  scheduling  is  a  packing  problem  that  uses  binary-encoded  uncertainty, 
the  3-coloring  problems  are  posed  on  dense  graphs,  the  logistics  problem  is  a  bounded- 
length  deterministic  planning  problem,  and  random  3f3SAI  is  unstructured. 
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Job  shop  scheduling.  Schedule  J  jobs  of  varying  length  on  M  machines  with  time 
bound  T.  Job  lengths  are  described  by  P  bits  of  uncertainty  per  job,  encoded  by  S- 
variables.  These  instances  capture  a  setting  where  a  factory  is  considering  a  contract  based 
only  on  estimates  about  job  length. 

Graph  3-coloring.  Color  an  undirected  graph  where  we  have  uncertainty  about  which 
edges  are  present:  for  every  edge  there  is  a  S-variable  to  disable  the  edge  iff  true.  Param¬ 
eters  are  number  of  vertices  V  and  proportion  of  edges  Pg. 

Logistics.  Similar  to  the  problem  in  §1,  except  the  delivery  requests  are  deterministic. 
Parameters  are  the  number  of  cities  C,  the  ratio  of  roads  to  cities  R,  the  number  of  vehicles 
V,  the  number  of  delivery  requests  B,  and  the  time  bound  T.  The  undirected  road  network 
is  generated  by  uniformly  scattering  cities  about  a  unit  square  and  selecting  the  \  C  ■  R\ 
shortest  edges.  The  roads  are  disabled  iff  a  particular  S-variable  is  true.  Initial  positions 
for  the  trucks  and  boxes,  and  goal  positions  for  the  boxes,  are  selected  uniformly.  Trucks 
break  down  independently  at  random. 

Random  3#3SAT.  Out  of  V  variables,  [V  ■  Pp\  are  declared  to  be  S-variables.  Then 
we  build  [Rc  ■  V]  clauses,  each  with  three  non-conflicting  literals  chosen  uniformly  at 
random  without  replacement. 

4.2  Experiments 

Our  experiments  ran  on  a  32-core  AMD  Opteron  6135  machine  with  32  x  4GiB  of  RAM, 
on  Ubuntu  12.04.  Each  run  was  capped  at  4GiB  of  RAM  and  cut  off  after  two  hours.  The 
experiments  ran  for  roughly  160  CPU  days.^  Table  3  shows  the  parameter  settings.  Each 
instance  and  solver  pair  was  run  only  once  because  the  solvers  are  deterministic.^ 


# 

Solvers 

Dist. 

Parameters 

Insts  per  param 

1 

cachet, mDPLL/ C 

Pure  #  Jobs 

JG  {1.....  12},  Afe  {2.3},  Tg  {3.4,  5},P  =  2 

1 

2 

mDPLL,  mDPLL/C,  POPS 

Jobs 

J  G  {2. . . . .  16}.  Af  G  {2.  3. 4},  T  G  {6,  8. 10},  P  G  {2. 3} 

1 

3 

mDPLL,  mDPLL/C,  POPS 

Color 

V  G  {3, . . . .  24},  Pe  G  {0.7, 0.8, 0.9} 

10 

4 

mDPLL,  mDPLL/C,  POPS 

Logistics 

Cg  {3,... .10}, Pg  {1.0,1. 1},Vg  {2,3,4}, Pg  {2,3,4}, Tg  {6,8} 

5 

5 

mDPLL,  mDPLL/C,  POPS 

Random 

V  G  {10, 15, . ..  ,150},Pp  G  {0.1, 0.2, 0.3},  Pc  6  {2.5, 3.  3.5, 4} 

10 

Table  3:  Parameter  settings  for  the  five  experiments. 

^We  attempted  to  compare  our  solvers  to  DC-SSAT  [Majercik  and  Boots,  2005],  a  SSAT-based  planner. 
We  determined — after  personal  communication  with  the  authors — that  we  are  unable  to  faithfully  represent 
a  number  of  our  problem  instances  in  their  slightly  restricted  COPP-SSAT  language.  The  restrictions  are 
reasonable  for  planning,  but  make  representation  of  some  ^SAT  formulas  impossible — e.g.,  no  purely 
#SAT  problem  can  be  directly  encoded.  Consequently,  performing  a  valid  comparison  with  DC-SSAT  is 
still  interesting,  but  unfortunately  out-of-scope  for  this  paper. 

^Randomizing  might  be  beneficial,  e.g.,  in  branching  heuristics. 
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We  hypothesize  that  POPS  exploits  a  type  of  strueture  reminiseent  of  eonditional  inde- 
pendenee  in  probability  theory  or  baekdoors  in  SAT  (e.g.,  Kilby  et  al.  [2005]).  By  solving 
the  pessimistie  problem  POPS  ean  demonstrate  that — given  some  small  partial  assignment 
to  the  S-variables  and  full  assignment  to  the  3-variables — the  remaining  S-variables  are 
uneonstrained  and  ean  take  on  any  value.  We  eall  this  T.-independence,  and  expeet  it  to 
oeeur  more  frequently  in  lightly  eonstrained  formulas,  and  in  formulas  elose  to  being  ei¬ 
ther  VALID  or  UNSAT.^  mDPLL  and  mDPLL/C  are  generally  unable  to  exploit  this  type 
of  strueture. 

Experiment  1,  checking  mDPLL/C  implementation.  In  this  experiment  we  demon¬ 
strate  that  we  have  a  reasonable  implementation  of  eomponent  eaehing  by  eomparing 
mDPLL/C  and  cachet  to  each  other  on  a  72  instances  of  purely  7)^8  AT  job  shop  schedul¬ 
ing  (see  Table  3  for  details).  We  capped  both  programs  at  2.1  x  10^  cache  entries. 


Figure  3:  #SAT  job  shop  scheduling  problems  with  2  machines,  2  bits  of  uncertainty  and  4  times 
steps  with  varying  numbers  of  jobs. 

A  clear  trend  emerged.  For  each  machine  (M  G  {2,  3})  and  time-step  (T  G  {3, 4,  5}) 
the  graph  is  similar  to  Fig  3:  mDPLL/C  is  an  order  of  magnitude  slower  than  cachet 

^There  are  exceptions.  Parity  formulas  like  Ex3y  [0x]  ?/  are  difficult  because  while  they  are 

VALID,  proving  this  requires  reasoning  about  cases  that  are  difficult  to  summarize. 
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on  small  problems,  but  eventually  beeomes  somewhat  faster.  We  suspeet  that  this  sealing 
behavior  has  to  do  with  our  different  way  of  handling  UNSAT  eomponents.  Problems  from 
this  distribution  have  an  inereasingly  small  ratio  of  SAT  S-assignments  to  S-assignments 
as  jobs  are  added,  so  the  effeet  of  this  differenee  beeomes  more  pronouneed.  However, 
sinee  many  of  our  problem  distributions  have  this  ‘larger  problems  have  a  smaller  ratio’ 
property,  we  believe  that  Fig  3  argues  strongly  that  our  solver  speeializes  to  be  a  reasonable 
T^SAT  solver  for  the  instanees  that  we  examine. 


Figure  4:  Log  runtimes  for  #3SAT  job  shop  scheduling  instances  with  2  machines,  2  bits  of 
uncertainty  and  8  times  steps. 

Experiment  2,  job  scheduling  scaling.  The  job  seheduling  instanees  exhibited  a  pat¬ 
tern  that  repeats  in  most  of  our  experiments:  the  POPS  solver  tended  to  outperform  the 
other  two,  espeeially  when  instanees  were  elose  to  being  either  VALID  or  UNSAT.  Addi¬ 
tionally,  augmenting  the  mDPLL  solver  with  eomponent  eaehing  did  not  help — mDPLL/C 
was  the  slowest  solver  on  every  job  seheduling  instanee.  These  results  are  summarized  in 
Table  4  (left).  Fig  4  is  typieal  of  the  sealing  eurves  on  this  distribution.  We  see  that  POPS 
is  dramatieally  faster  than  the  other  two  solvers  until  6  jobs. 

Experiment  3,  3-color  scaling.  The  trends  in  3-eoloring  are  similar  to  those  found  in 
the  job  shop  experiments — POPS  is  the  fastest  solver  on  almost  every  instanee  (see  Tabled 
right).  Unlike  in  the  jobs  setting,  the  performanee  gap  between  POPS  and  the  other  solvers 
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mDPLL 

Jobs 

mDPLL/C 

POPS 

mDPLL 

3-color 

mDPLL/C 

POPS 

mDPLL 

- 

135 

2 

- 

190 

27 

mDPLL/C 

0 

- 

0 

0 

- 

2 

POPS 

136 

138 

- 

173 

198 

- 

Table  4:  Number  of  instances  where  the  row  solver  beats  the  column  solver.  Left:  based  on  270 
job  scheduling  instances.  Right:  based  on  880  3-coloring  instances. 


does  not  elose.  Fig  5  illustrates  this  phenomenon  for  graphs  with  70%  edge  density,  but 
denser  graphs  are  similar.  These  trends  may  indicate  that  only  a  small  number  of  the  edges 
are  important  to  reason  about. 


Figure  5:  Log  runtime  for  3-Coloring  instances  on  graphs  with  70%  of  the  possible  edges.  Medi¬ 
ans  are  plotted  as  a  trend  line,  and  individual  instances  are  plotted  as  points. 

Experiment  4,  logistics  scaling.  The  logistics  experiments  are  more  difficult  to  sum¬ 
marize  than  previous  experiments,  but  the  left  of  Table  5  shows  that  POPS  is  again  the 
fastest  solver  for  most  instances.  mDPLL,  however,  is  faster  than  POPS  for  a  relatively 
large  number  of  the  instances — especially  compared  to  previous  experiments.  Instances 
where  mDPLL  is  superior  might  have  common  properties — they  might  lack  S -independence. 
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or  perhaps  independence  is  present  but  POPS  fails  to  exploit  it  with  our  current  heuristics. 


mDPLL 

Logistics 

mDPLL/C 

POPS 

mDPLL 

Random 

mDPLL/C 

POPS 

mDPLL 

- 

813 

222 

- 

3038 

1359 

mDPLL/C 

124 

- 

176 

77 

- 

447 

POPS 

737 

783 

- 

1849 

2761 

- 

Table  5:  Number  of  instances  where  the  row  solver  beats  the  column  solver.  Left:  based  on  960 
logistics  instances.  Right:  based  on  3360  random  3^3SAT  instances. 

Scaling  trends,  such  as  the  one  in  Fig  6,  is  less  strong  than  the  trends  in  the  previous 
experiments.  This  is  due  to  the  high  variance  found  between  different  instances  generated 
with  the  same  parameter  tuple. 

Experiment  5,  random  37^3SAT  scaling.  The  right  of  Table  5  paints  a  different 
picture  than  the  previous  experiments:  here,  neither  POPS  nor  mDPLL  seem  to  be  the  true 
victor.  Both  beat  the  other  on  a  number  of  different  instances — although,  again,  mDPLL  /  C 
seems  to  be  the  slowest  solver. 

Taking  a  look  at  the  different  clause  ratios  is  informative,  and  the  different  parameter- 
izations  have  very  dissimilar  scaling  trends.  The  instances  where  the  clause  ratio  is  2.5 
paints  a  rosy  picture  for  POPS  (e.g..  Fig  7 — it  is  the  fastest  algorithm  in  28%  of  such  in¬ 
stances,  and  is  only  beaten  by  mDPLL  in  2%  of  these  instances).  We  note  that  the  variance 
for  POPS  grows  quickly  with  the  number  of  variables,  indicating  more  sensitivity  to  prob¬ 
lem  structure  than  mDPLL  and  mDPLL /C.  However,  if  we  restrict  our  attention  to  more 
constrained  instances  with  a  clause  ratio  of  4.0,  then  we  get  a  much  different  picture.  Here, 
mDPLL  emerges  as  the  superior  algorithm,  beating  POPS  in  29%  of  such  instances  while 
POPS  beats  mDPLL  only  3%  of  the  time — a  reversal  of  the  previous  trend. 


5  Conclusions 

In  this  paper  we  introduced  7)^3SAT,  a  problem  with  a  number  of  interesting  properties. 
#3SAT  can,  for  example,  represent  questions  about  the  robustness  of  a  policy  space  for  a 
simple  type  of  planning  under  uncertainty.  Not  only  did  we  provide  theoretical  statements 
about  the  expressiveness  and  worst-case  difficulty  of  ^3SA[T,  but  we  also  built  the  first 
three  dedicated  ^3SAI  solvers. 

We  ran  these  solvers  through  their  paces  on  four  different  distributions  and  many  dif¬ 
ferent  instances.  These  experiments  led  us  to  three  conclusions.  First,  our  algorithm  POPS 
shows  promise  on  many  of  these  instances,  sometimes  running  many  orders  of  magnitude 
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Figure  6:  Logistics  instances  on  networks  with  1.1  roads  per  city,  4  trucks,  3  boxes,  and 
8  time  steps.  Medians  are  plotted  as  a  trend  line,  and  individual  instances  are  plotted  as 
points. 
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Figure  7:  Log  runtimes  for  random  3#3SAT  instances  on  graphs  with  a  clause  ratio  of  2.5  and 
10%  S-variables.  Medians  are  plotted  as  a  trend  line,  and  individual  instances  are  plotted  as  points. 


24 


faster  than  the  next  fastest  algorithm,  due  to  its  ability  to  exploit  S -independence.  Sec¬ 
ond,  the  instances  on  which  POPS  solver  was  slower  than  mDPLL  should  serve  as  focal 
instances  for  understanding  the  exploitable  structure  that  occurs  in  7^3SAT.  Finally,  they 
suggest  that  #SAT-style  component  caching  is  detrimental  to  solving  #3SAT  problems. 
This  does  not  rule  out  lighter-weight  component  detection  tailored  to  7^3SAT’s  unique 
trade-offs. 

There  are  a  number  of  research  directions:  our  theory  about  the  importance  of  S- 
independence  should  be  tested  on  more  problem  distributions.  Further  profiling  should 
guide  the  design  of  better  heuristics;  POPS,  in  particular,  will  benefit  from  a  branching 
heuristic  tuned  to  its  style  of  reasoning.  Profiling  data  may  inspire  additional  methods  for 
exploiting  independence  structures  and  symmetry  in  ^^38 AT  problems.  A  final  direction 
is  to  build  approximate  solvers  that  maintain  bounds  on  their  approximation.  These  may 
be  necessary  for  tackling  larger  real-world  applications.  For  example,  we  are  interested  in 
using  ^3SAT  to  pose  ‘robust  bounded  model  checking’  questions  about  the  yield  of  com¬ 
puter  chips  under  some  noisy  fabrication  model.  Questions  like  this  are  currently  much  too 
large  for  our  exact  solvers  to  tackle,  but  perhaps  a  carefully  designed  approximate  solver 
could  quickly  find  an  acceptable  estimate. 
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